JwtClaimsValidator (ASAP - Parent POM 2.14.5 API)

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- com.atlassian.asap.core.validator.JwtClaimsValidator

public class JwtClaimsValidator
extends Object

Validates the claims contained in a JWT.

Field Summary

Fields
Modifier and Type	Field and Description
`static Duration`	`DEFAULT_MAX_LIFETIME` No matter what the claims say, the server should reject tokens that are too long-lived.
`static Duration`	`TIME_CLAIM_LEEWAY` The JWT spec says that implementers "MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew".

Constructor Summary

Constructors
Constructor and Description

JwtClaimsValidator(Clock clock)

JwtClaimsValidator(Clock clock, Duration maxTokenLifetime)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`validate(Jwt jwt, Set<String> resourceServerAudiences)` Checks the validity of the claims contained in a JWT in a given authentication context.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - TIME_CLAIM_LEEWAY
```
public static final Duration TIME_CLAIM_LEEWAY
```
    The JWT spec says that implementers "MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew". Calculations of the current time for the purposes of accepting or rejecting time-based claims (e.g. "exp" and "nbf") will allow for the current time being plus or minus this leeway, resulting in some time-based claims that are marginally before or after the current time being accepted instead of rejected.
  - DEFAULT_MAX_LIFETIME
```
public static final Duration DEFAULT_MAX_LIFETIME
```
    No matter what the claims say, the server should reject tokens that are too long-lived.
- Constructor Detail
  - JwtClaimsValidator
```
public JwtClaimsValidator(Clock clock)
```
  - JwtClaimsValidator
```
public JwtClaimsValidator(Clock clock,
                          Duration maxTokenLifetime)
```
- Method Detail
  - validate
```
public void validate(Jwt jwt,
                     Set<String> resourceServerAudiences)
              throws InvalidTokenException
```
    Checks the validity of the claims contained in a JWT in a given authentication context.
    
    Parameters:
    
    jwt - a JWT token
    
    resourceServerAudiences - the JWT token must be addressed to one of these audiences
    
    Throws:
    
    InvalidTokenException - if the claims are invalid or could not be verified

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2017 Atlassian. All rights reserved.